Beispiel #1
0
    cve_explorer = CveExplorerNVD(utility)
    censys = Censys(utility)

    # Get target information from "host.txt".
    protocol_list, fqdn_list, port_list, path_list = get_target_info(
        full_path, utility)

    # Start investigation.
    for idx in range(len(fqdn_list)):
        # Check parameters.
        msg = 'investigation : {}, {}, {}, {}'.format(protocol_list[idx],
                                                      fqdn_list[idx],
                                                      port_list[idx],
                                                      path_list[idx])
        utility.write_log(20, 'Start ' + msg)
        if utility.check_arg_value(protocol_list[idx], fqdn_list[idx],
                                   port_list[idx], path_list[idx]) is False:
            msg = 'Invalid parameter : {}, {}, {}, {}'.format(
                protocol_list[idx], fqdn_list[idx], port_list[idx],
                path_list[idx])
            utility.print_message(FAIL, msg)
            utility.write_log(30, msg)
            continue

        # Create report header.
        report.create_report_header(fqdn_list[idx], port_list[idx])

        # Check encoding.
        test_url = ''
        if int(port_list[idx]) in [80, 443]:
            test_url = protocol_list[idx] + '://' + fqdn_list[idx] + path_list[
                idx]
Beispiel #2
0
    # Show banner.
    show_banner(utility)

    # Create signature and train data.
    if opt_develop:
        creator = Creator(utility)
        creator.extract_file_structure(opt_develop_category,
                                       opt_develop_vendor, opt_develop_package)
        print(os.path.basename(__file__) + ' finish!!')
        utility.write_log(20, '[Out] GyoiThon [{}].'.format(file_name))
        sys.exit(0)

    # Explore relevant FQDN with the target FQDN.
    if opt_invent and utility.check_arg_value(opt_invent_scheme,
                                              opt_invent_fqdn, opt_invent_port,
                                              opt_invent_path):
        inventory = Inventory(utility)
        spider = SpiderControl(utility)
        google_hack = GoogleCustomSearch(utility)

        # Check encoding type of target site.
        target_url = ''
        if int(opt_invent_port) in [80, 443]:
            target_url = opt_invent_scheme + '://' + opt_invent_fqdn + opt_invent_path
        else:
            target_url = opt_invent_scheme + '://' + opt_invent_fqdn + ':' + opt_invent_port + opt_invent_path

        # Gather relevant FQDN.
        all_fqdn_list = inventory.fqdn_explore(spider, google_hack, target_url,
                                               opt_invent_keyword)
Beispiel #3
0
                            port_num = '443'
                        elif parsed.port is None and parsed.scheme == 'http':
                            port_num = '80'
                        elif parsed.port is not None:
                            port_num = str(parsed.port)
                        else:
                            utility.print_message(FAIL, 'Invalid URL : {}'.format(invent_url))
                            utility.write_log(30, 'Invalid URL : {}'.format(invent_url))
                            continue
                    except Exception as e:
                        utility.print_exception(e, 'Parsed error : {}'.format(invent_url))
                        utility.write_log(30, 'Parsed error : {}'.format(invent_url))
                        continue

                    # Check target URL.
                    if utility.check_arg_value(parsed.scheme, parsed.hostname, port_num, parsed.path) is False:
                        continue

                    # Gather relevant FQDN.
                    fqdn_list = inventory.fqdn_explore(spider, google_hack, invent_url, keyword)

                    # Create report.
                    date = utility.get_current_date('%Y%m%d%H%M%S%f')[:-3]
                    print_date = utility.transform_date_string(utility.transform_date_object(date[:-3], '%Y%m%d%H%M%S'))
                    report = CreateReport(utility)
                    report.create_inventory_report(fqdn_list, keyword, parsed.hostname, print_date)

                # Create merged report.
                report.create_all_inventory_report()
        else:
            utility.print_message(FAIL, '"inventory_list.txt" is not found : {}'.format(inventory_list_path))
Beispiel #4
0
    show_banner(utility)

    if len(sys.argv) == 1:
        utility.print_message(FAIL, 'Invalid parameter "{}"'.format(sys.argv))
        exit(1)

    if sys.argv[1] == 'TRAIN':
        utility.print_message(NOTE, 'Start {} mode.'.format(sys.argv[1]))
        obj_recommend = Recommend(utility)
        obj_recommend.training_model()
        utility.print_message(NOTE, 'End {} mode.'.format(sys.argv[1]))
    elif sys.argv[1] == 'TEST' and len(sys.argv) == 3:
        utility.print_message(NOTE, 'Start {} mode.'.format(sys.argv[1]))
        target_info = sys.argv[2]
        obj_parsed = urlparse(target_info)
        if utility.check_arg_value(obj_parsed.scheme, obj_parsed.netloc, str(obj_parsed.port), obj_parsed.path) is False:
            utility.print_message(FAIL, 'Invalid target: {}.'.format(target_info))
        else:
            # Generates feature vector
            obj_invest = Investigate(utility, target_info)
            all_feature_list, all_target_list = obj_invest.main_control()

            # recommends
            obj_recommend = Recommend(utility)
            for feature_list, target_list in zip(all_feature_list, all_target_list):
                flt_start = time.time()
                utility.print_message(NONE, '-'*130)
                utility.print_message(NOTE, 'Target url: {}\nParameter: {}'.format(target_list[0], target_list[1]))
                utility.print_message(OK, 'Feature: {}'.format(feature_list))
                obj_recommend.predict(feature_list)
                flt_elapsed_time = time.time() - flt_start